Our project management team will begin the client engagement with a conference call, web conference or meeting (the kickoff meeting) to review logistical and tactical details that will be required knowledge throughout the engagement.
Prior to any active assessment activity against a client, our security analysts will gather all necessary information to perform a thorough assessment. Depending on the type of assessment, multiple information-gathering approaches may be taken, e.g. open-source intelligence gathering or internal data gathering.
The objective of the threat modeling exercise is to understand the impact of technical network-related threats to the business. This high-level exercise is not as complete and thorough as an exhaustive threat risk assessment, but the resulting threat profile will help us ensure that the technical testing considers threats that may have a high impact on business operations.
During the vulnerability analysis, we will perform manual or automated vulnerability scans to identify vulnerabilities in your in-scope environment. Then, we will conduct a scanning validation exercise to identify false positives and items that require manual validation. Network traffic captured through passive gathering tools is reviewed for information leakage through clear text protocols. Once the environment has been mapped and individual device profiles created, security analysts begin the search for vulnerabilities that may allow system compromise, or information disclosure that will aid in compromising another system.
During the exploitation phase, we will perform the actual penetration test and will attack the systems if a potentially viable method of exploitation exists. As every engagement is different, identifying an exact attack methodology prior to this phase of the engagement is not practical.
The objective of the post-exploitation phase is to determine the value of the compromised asset(s) and attempt to maintain control of the machine for later use. We will identify and document sensitive data, identify configuration settings, communication channels, and relationships with other network devices that can be used to gain further access to the network, and setup one or more methods of accessing the machine at a later time. The methods of post-exploitation include infrastructure analysis, pillaging, high value/profile targets and data exfiltration. The phase is completed with a cleanup process to remove all traces of the penetration testing, such as backdoors or rootkits.
A detailed penetration testing report will be prepared by our pentesting team and delivered to the client. If serious vulnerabilities are discovered during the course of the pentest, we will provide an interim report. See section “Deliverables” for details.
CCNA: Certified Cisco Network Associate
CEH: Certified Ethical Hacker
Contact us now